A vulnerability, which was classified as critical , has been found in Industrial Application Software IAS Canias ERP 8.03 . Impacted is the function Runtime.getRuntime.exec of the component RMI Interface . Performing a manipulation of the argument troiaCode results in os command injection. This vulnerability was named CVE-2026-8217 . The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.